We use cookies to personalize content, to provide social media features and to analyze our traffic. We also share information about your use of our site with our social media, advertising and analytics partners. For information on how to change your cookie settings, please see our Privacy policy. Otherwise, if you agree to our use of cookies, please continue to use our website.

Protect Private Data With A Privacy Wall

The smart folks over at Wesabe describe a neat idea for protecting private data in a database. They call it the "privacy wall". In a nutshell: don't keep private data (credit cards, SSNs, medical records, etc) keyed to users; rather, key these data from a hash of the username and password. This means one needs a username/password to match any secret data back to any individual. If hackers managed to compromise such a database, they'd end up with gigabytes of disconnected facts, making identify theft much more difficult. Most online retailers have poor security practices (for example, experts advise never storing credit card numbers; most online retailers do). Barney Frank, Chairman of the House Financial Services Committee, is proposing legislation to hold retailers more accountable for data breaches. Tightening up your data security procedures makes good business sense, even if not yet required by law. The privacy wall concept is worth considering.

Join the Discussion